<html>
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>Plaintech UK Employee login Error</title>
    <link rel="stylesheet" type="text/css" href="css/login.css" />
<link rel="stylesheet" type="text/css" href="css/layout.css" />
</head>


<body>
<div id="header">
    <div id="logo">
         <img src="images/plaintech-small.png"/>
    </div>
</div>

<div id="wrapper">
      <div id="logo_plaintech">
      </div>


           <?php

ob_start();
$tbl_name = "auth"; // Table name
// Connect to server and select databse.
include("databaseconnect.php");
databaseconnect();

// Define $myusername and $mypassword
$myusername = $_POST['myusername'];
$mypassword = $_POST['mypassword'];
$encrypted_mypassword = md5($mypassword);
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$encrypted_mypassword = stripslashes($encrypted_mypassword);
$myusername = mysql_real_escape_string($myusername);
$encrypted_mypassword = mysql_real_escape_string($encrypted_mypassword);

$sql = "SELECT * FROM $tbl_name WHERE username='$myusername' and password='$encrypted_mypassword'";

// Mysql_num_row is counting table row
$result = mysql_query($sql);
$row = mysql_fetch_assoc($result);
$count = mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if ($count == 1) {
// Register $myusername, $mypassword and redirect to file "login_success.php"
    session_start();
    $_SESSION[userid] = $row['userid'];
    $_SESSION[groupid] = $row['groupid'];
    echo $_SESSION[userid];
//session_register("encrypted_mypassword");
    header("location:login_success.php");
//header("location:test.php");
} else {
    echo         "<div class=\"border\" id=\"login\"><br><br><br>Wrong Username or Password <br /><a href=\"login.php\">Go back to the login page</a></div>";
}

ob_end_flush();
?>    
      
     
</div>
                <div id="footer" class="ui-layout-south">
    Copyright 2011 &copy; Plaintech UK (<a href="http://www.Plaintech.com" target="_blank">www.Plaintech.com </a>). All Rights Reserved.
</div>
</body>
</html>
